This is a read-only archive. Find the latest Linux articles, documentation, and answers at the new Linux.com!

Linux.com

Re: Protect your network with pfSense firewall/router

Posted by: Anonymous [ip: 75.138.105.255] on October 07, 2008 03:52 AM
I've got a redundant pair for our Production firewalls. pFsense uses CARP for vip redundancy all rules automatically sync between firewalls (unless you specify otherwise).
Each firewall has 4 Nics/zones plus one for firewall sync/heartbeat.
Between our corporate network (Gb) and our production (Gb) I do notice some minor drop in thru-put ~10% but we are talking two firewall hops.

Back in the day I've installed and managed a number of different firewalls, Gauntlet, Checkpoint, Raptor, Cisco PIX, as well as linux iptables. While Idon't think most corporations will replace their $30K firewall solutions w/ pfSense anytime soon. Most businesess w/o quite that much money to throw around should consider this slightly less polished solution and a ice donaion to keep the effort moving forward.

Caveat: I found the ftp support not to my liking so I compiled jftpgw on a freebsd box and installed it along w/ the pfSense supplied djbDNS server package. I use tcpserver to keep jftpge running.

#

Return to Protect your network with pfSense firewall/router